1. Field of the Invention
The present invention relates to an electronic mail system, and in particular to an electronic mail system which is suitable for use by small companies with limited financial resources. Specifically, the electronic mail system considers a user's convenience and facilitates security reinforcement and electronic mail management according to operation rules at moderate cost.
2. Description of the Related Art
Along with the recent, remarkable development of the Internet, electronic mail has come to be easily utilized at moderate cost not only by large companies but also small companies, SOHOs, and even individuals. Parties without their own mail servers, such as individuals, small companies, and so forth, can use mail servers offered by Internet providers to exchange electronic mail with outside parties.
A mail server computer having a message transmission and reception function, a mailbox function, a message management function, and so forth is necessary for an electronic mail system. Most mail servers require a password for user authentication. Here, a general mail server constitutes of a mail transfer server (an SMTP server) for electronic mail transmission based on Simple Mail Transfer Protocol, or SMTP, and a mail receiving server (a POP server) for electronic mail receiving based on Post Office Protocol. As SMTP does not have a user authentication function, as does POP, it is possible to arrange such that transmission of electronic mail is allowed only after completion of user authentication through a POP authentication function (“POP before SMTP”).
A mail server can provide a mailbox for each user so that each user can access his mailbox at desired timing to retrieve therefrom mail data addressed to them. Recently, free mail service is offered in many sites, and one user may have two or more mailboxes. That is, one user may utilize two or more mail servers and use different mailboxes for different purposes, enabling effective use of electronic mail. Generally, each mailbox can be set with a password, and a user is allowed to access mail data in his mailbox after user authentication based on the password by the concerned mail server.
As described above, a user of a client computer having an electronic mail function and connected to an intra-company LAN is allowed to exchange electronic mail with a party outside the company (an outsider) after completion of user authentication by a mail server. Under such condition, inappropriate network administration, in particular, in view of security and account management for an electronic mail system, may permit electronic mail transmission for unauthorized or malicious purposes without difficulty.
For example, suppose that an unauthorized user creates a user account and a password to access a mail server, sends confidential information to an outsider, and deletes the account. Generally, this unauthorized user who leaked the confidential information cannot be identified. Further, an unauthorized user can illegally access a mail server from outside the company using an account and password which are assigned originally for business use. Still further, where a mailing list is generally transmissible as an attached file, such electronic mail transmission, that is, electronic mail transmission enormous data volume may not be a normal business procedure, if not for an unauthorized purpose, and permission without restriction of such electronic mail transmission may result in an increase in the network load, which could adversely affect use of the network by others. Still further, the company system must be protected from virus attacks not only from inside but also from outside the company.
In short, imposition of no restriction or condition on use of an electronic mail system puts the system at risk of being used for an unauthorized, malicious, or undesirable purpose, or even rejected by an attack from outside. Therefore, it is desirable to manage operation of such an electronic mail system through network observation, security control, and capacity planning accompanied by, for example, placing some restrictions on its use.
In order to address the above described problems with electronic mail systems, large companies may be able to afford sufficient monetary resources to take measures for system security by network specialists, to construct a required system, to employ a full time network administrator, and so forth.
Small companies, however, are unlikely to be able to afford security management or employment of network specialists, and may often have little knowledge about construction of system environment to prevent unauthorized or malicious use of electronic mail. In addition, users owning multiple mailboxes often find it troublesome to retrieve data from all of his mailboxes because such a user is required to input their ID and password for each mailbox and to separately retrieve mail data from each individual mailbox.